Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
---|
CVE-2024-7531 | fixed | fixed | fixed | fixed | vulnerable (no DSA, ignored) | fixed | fixed | Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer ... |
CVE-2023-6135 | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | fixed | fixed | Multiple NSS NIST curves were susceptible to a side-channel attack kno ... |
CVE-2023-5388 | fixed | fixed | fixed | vulnerable (no DSA) | vulnerable (no DSA, ignored) | fixed | fixed | NSS was susceptible to a timing side-channel attack when performing RS ... |
CVE-2020-25648 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | A flaw was found in the way NSS handled CCS (ChangeCipherSpec) message ... |
CVE-2019-11727 | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | A vulnerability exists where it possible to force Network Security Ser ... |
CVE-2018-12384 | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | fixed | fixed | fixed | fixed | fixed | When handling a SSLv2-compatible ClientHello request, the server doesn ... |
Bug | Description |
---|
TEMP-0000000-583651 | nspr, nss: unprotected environment variables |
CVE-2024-6609 | When almost out-of-memory an elliptic curve key which was never alloca ... |
CVE-2024-6602 | A mismatch between allocator and deallocator could have led to memory ... |
CVE-2024-0743 | An unchecked return value in TLS handshake code could have caused a po ... |
CVE-2023-4421 | The NSS code used for checking PKCS#1 v1.5 was leaking information use ... |
CVE-2023-0767 | An attacker could construct a PKCS 12 cert bundle in such a way that c ... |
CVE-2022-22747 | After accepting an untrusted certificate, handling an empty pkcs7 sequ ... |
CVE-2022-3479 | A vulnerability found in nss. By this security vulnerability, nss clie ... |
CVE-2021-43527 | NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR a ... |
CVE-2020-12413 | The Raccoon attack is a timing attack on DHE ciphersuites inherit in t ... |
CVE-2020-12403 | A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS i ... |
CVE-2020-12402 | During RSA key generation, bignum implementations used a variation of ... |
CVE-2020-12401 | During ECDSA signature generation, padding applied in the nonce design ... |
CVE-2020-12400 | When converting coordinates from projective to affine, the modular inv ... |
CVE-2020-12399 | NSS has shown timing differences when performing DSA signatures, which ... |
CVE-2020-6829 | When performing EC scalar point multiplication, the wNAF point multipl ... |
CVE-2019-17023 | After a HelloRetryRequest has been sent, the client may negotiate a lo ... |
CVE-2019-17007 | In Network Security Services before 3.44, a malformed Netscape Certifi ... |
CVE-2019-17006 | In Network Security Services (NSS) before 3.46, several cryptographic ... |
CVE-2019-11745 | When encrypting with a block cipher, if a call to NSC_EncryptUpdate wa ... |
CVE-2019-11729 | Empty or malformed p256-ECDH public keys may trigger a segmentation fa ... |
CVE-2019-11719 | When importing a curve25519 private key in PKCS#8format with leading 0 ... |
CVE-2018-18508 | In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a ... |
CVE-2018-12404 | A cached side channel attack during handshakes using RSA encryption co ... |
CVE-2017-7805 | During TLS 1.2 exchanges, handshake hashes are generated which point t ... |
CVE-2017-7502 | Null pointer dereference vulnerability in NSS since 3.24.0 was found w ... |
CVE-2017-5462 | A flaw in DRBG number generation within the Network Security Services ... |
CVE-2017-5461 | Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through ... |
CVE-2016-9574 | nss before version 3.30 is vulnerable to a remote denial of service du ... |
CVE-2016-9074 | An existing mitigation of timing side-channel attacks is insufficient ... |
CVE-2016-8635 | It was found that Diffie Hellman Client key exchange handling in NSS 3 ... |
CVE-2016-5285 | A Null pointer dereference vulnerability exists in Mozilla Network Sec ... |
CVE-2016-2834 | Mozilla Network Security Services (NSS) before 3.23, as used in Mozill ... |
CVE-2016-1979 | Use-after-free vulnerability in the PK11_ImportDERPrivateKeyInfoAndRet ... |
CVE-2016-1978 | Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange f ... |
CVE-2016-1950 | Heap-based buffer overflow in Mozilla Network Security Services (NSS) ... |
CVE-2016-1938 | The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Secur ... |
CVE-2016-0800 | The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before ... |
CVE-2015-7575 | Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozi ... |
CVE-2015-7182 | Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Sec ... |
CVE-2015-7181 | The sec_asn1d_parse_leaf function in Mozilla Network Security Services ... |
CVE-2015-4000 | The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is ena ... |
CVE-2015-2730 | Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozi ... |
CVE-2015-2721 | Mozilla Network Security Services (NSS) before 3.19, as used in Mozill ... |
CVE-2014-3566 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ... |
CVE-2014-1569 | The definite_length_decoder function in lib/util/quickder.c in Mozilla ... |
CVE-2014-1568 | Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before ... |
CVE-2014-1544 | Use-after-free vulnerability in the CERT_DestroyCertificate function i ... |
CVE-2014-1492 | The cert_TestHostName function in lib/certdb/certdb.c in the certifica ... |
CVE-2014-1491 | Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozi ... |
CVE-2014-1490 | Race condition in libssl in Mozilla Network Security Services (NSS) be ... |
CVE-2013-5606 | The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla Netw ... |
CVE-2013-5605 | Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 be ... |
CVE-2013-1741 | Integer overflow in Mozilla Network Security Services (NSS) 3.15 befor ... |
CVE-2013-1740 | The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Net ... |
CVE-2013-1739 | Mozilla Network Security Services (NSS) before 3.15.2 does not ensure ... |
CVE-2013-1620 | The TLS implementation in Mozilla Network Security Services (NSS) does ... |
CVE-2013-0791 | The CERT_DecodeCertPackage function in Mozilla Network Security Servic ... |
CVE-2013-0169 | The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as use ... |
CVE-2012-0441 | The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security ... |
CVE-2011-3640 | Untrusted search path vulnerability in Mozilla Network Security Servic ... |
CVE-2011-3389 | The SSL protocol, as used in certain configurations in Microsoft Windo ... |
CVE-2010-3173 | The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x befo ... |
CVE-2010-3170 | Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird bef ... |
CVE-2009-3555 | The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as us ... |
CVE-2009-2409 | The Network Security Services (NSS) library before 3.12.3, as used in ... |
CVE-2009-2408 | Mozilla Network Security Services (NSS) before 3.12.3, Firefox before ... |
CVE-2009-2404 | Heap-based buffer overflow in a regular-expression parser in Mozilla N ... |